﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using Marbles.Core.Content.Sites;
using Marbles.Core.Connectors;
using System.Xml.Serialization;

namespace Marbles.Core.Authentication
{
    /// <summary>
    /// Base Abstract class for User Tokens
    /// </summary>
    [Serializable()]
    public abstract class TokenBase : IToken
    {
        public bool Success { get { return _success; } set { } }
        public string Username { get { return _username; } set { } }
        public string Identity { get { return _identity; } set { } }
        public string UserId { get { return _userid; } set { } }
        public string this[string value]
        {
            get
            {
                if (_properties.ContainsKey(value)) { return _properties[value]; }
                return String.Empty;
            }
        } 

        [XmlIgnore()]
        [SoapIgnore()]
        public Dictionary<string, string> Properties
        {
            get { return _properties; }
            set { }
        }
        public bool IsRoot { get { return _isroot; } set { } }
        public bool IsAdministrator { get { return _isadministrator; } set { } }
        public bool IsViewer { get { return _isviewer; } set { } }
        public bool IsEditor { get { return _iseditor; } set { } }
        public string Email { get { return _email; } set { } }
        public string Fullname { get { return _fullname; } set { } }

        internal bool IsSuccess { set { _success = value; } }
        internal bool _isviewer = false;
        internal bool _isadministrator = false;
        internal bool _isroot = false;
        internal bool _iseditor = false;
        internal bool _success = false;
        internal string _email = string.Empty;
        internal string _fullname = string.Empty;
        internal string _identity = string.Empty;
        internal string _username = string.Empty;
        internal string _userid = string.Empty;
        internal Dictionary<string, string> _properties = null;

        public TokenBase()
        {
            _success = false;
            _identity = string.Empty;
            _properties = new Dictionary<string, string>();
        }

        protected virtual void LoadPermissions(string username)
        {
            QueryPermissions(username, "username");
        }

        protected void QueryPermissions(string username, string field)
        {
            SiteDefinition web = SiteDefinition.GetCurrent();
            DataConnection dbc = new DataConnection();
            Command cmd = new Command("SELECT * FROM Users WHERE " + field + " = @username AND enabled = 1 AND siteid = @siteid");
            cmd.AddParameter("@username", username);
            cmd.AddParameter("@siteid", web.SiteId);
            DataTable dt = dbc.FetchDataTable(cmd);

            if (dt.Rows.Count > 0)
            {

                _userid = dt.Rows[0]["userid"].ToString();
                _username = dt.Rows[0]["username"].ToString();
                _fullname = dt.Rows[0]["fullname"].ToString();
                _email = dt.Rows[0]["email"].ToString();
                foreach (DataColumn dc in dt.Columns)
                {
                    if (_properties.ContainsKey(dc.ColumnName.ToLower()))
                    {
                        _properties[dc.ColumnName.ToLower()] = dt.Rows[0][dc.ColumnName].ToString();
                    }
                    else
                    {
                        _properties.Add(dc.ColumnName.ToLower(), dt.Rows[0][dc.ColumnName].ToString());
                    }
                }

                _isadministrator = false;
                _isviewer = false;
                _iseditor = false;
                _isroot = false;
                cmd = new Command("SELECT editor, administrator, viewer, root FROM usergrouplink a INNER JOIN usergroups b ON a.groupid = b.groupid WHERE a.userid  = @userid  AND a.siteid = @siteid");
                cmd.AddParameter("@userid", _userid);
                cmd.AddParameter("@siteid", web.SiteId);
                dt = new DataTable();
                dt = dbc.FetchDataTable(cmd);

                foreach (DataRow dr in dt.Rows)
                {
                    if (Convert.ToBoolean(dr["root"])) { _isroot = true; }
                    if (Convert.ToBoolean(dr["administrator"])) { _isadministrator = true; }
                    if (Convert.ToBoolean(dr["viewer"])) { _isviewer = true; }
                    if (Convert.ToBoolean(dr["editor"])) { _iseditor = true; }
                }
            }
            else
            {
                _isviewer = true;
                _iseditor = false;
                _isadministrator = false;
            }
        }
    }
}